npm - @neteasecloudmusicapienhanced/api - Versions diffs - 4.30.3 → 4.32.0 - Mend

@neteasecloudmusicapienhanced/api 4.30.3 → 4.32.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

package/README.MD +1 -1
package/module/dj_difm_all_style_channel.js +9 -0
package/module/dj_difm_channel_subscribe.js +9 -0
package/module/dj_difm_channel_unsubscribe.js +9 -0
package/module/dj_difm_playing_tracks_list.js +11 -0
package/module/dj_difm_subscribe_channels_get.js +13 -0
package/module/radio_sport_get.js +9 -0
package/module/register_anonimous.js +2 -1
package/module/sati_resource_list.js +11 -0
package/module/sati_resource_list_more.js +13 -0
package/module/sati_resource_sub.js +10 -0
package/module/sati_resource_sub_list.js +7 -0
package/module/sati_tag_list.js +7 -0
package/module/sati_timescene_resources_get.js +13 -0
package/module/song_creators.js +9 -0
package/package.json +14 -13
package/public/api.html +29 -0
package/public/docs/home.md +173 -0
package/public/eapi_decrypt.html +44 -6
package/server.js +71 -15
package/util/crypto.js +27 -9
package/util/request.js +23 -22

package/README.MD CHANGED Viewed

@@ -130,7 +130,7 @@ $ sudo docker run -d -p 3000:3000 ncm-api
 | 变量名                        | 默认值                                  | 说明                                                 |
 |----------------------------|--------------------------------------|----------------------------------------------------|
-| **CORS_ALLOW_ORIGIN**      | `*`                                  | 允许跨域请求的域名。若需要限制，请指定具体域名（例如 `https://example.com`）。 |
+| **CORS_ALLOW_ORIGIN**      | `*`                                  | 允许跨域请求的域名。可填写单个源，或使用逗号分隔多个源（例如 `https://a.com,https://b.com`）。 |
 | **ENABLE_PROXY**           | `false`                              | 是否启用反向代理功能。                                        |
 | **PROXY_URL**              | `https://your-proxy-url.com/?proxy=` | 代理服务地址。仅当 `ENABLE_PROXY=true` 时生效。                 |
 | **ENABLE_GENERAL_UNBLOCK** | `true`                               | 是否启用全局解灰（推荐开启）。开启后所有歌曲都尝试自动解锁。                     |

package/module/dj_difm_all_style_channel.js ADDED Viewed

@@ -0,0 +1,9 @@
+// DIFM电台 - 分类
+const createOption = require('../util/option.js')
+module.exports = (query, request) => {
+  const data = {
+    sources: query.sources || '[0]',
+  }
+  return request(`/api/dj/difm/all/style/channel/v2`, data, createOption(query))
+}

package/module/dj_difm_channel_subscribe.js ADDED Viewed

@@ -0,0 +1,9 @@
+// DIFM电台 - 收藏频道
+const createOption = require('../util/option.js')
+module.exports = (query, request) => {
+  const data = {
+    id: query.id,
+  }
+  return request(`/api/dj/difm/channel/subscribe`, data, createOption(query))
+}

package/module/dj_difm_channel_unsubscribe.js ADDED Viewed

@@ -0,0 +1,9 @@
+// DIFM电台 - 取消收藏频道
+const createOption = require('../util/option.js')
+module.exports = (query, request) => {
+  const data = {
+    id: query.id,
+  }
+  return request(`/api/dj/difm/channel/unsubscribe`, data, createOption(query))
+}

package/module/dj_difm_playing_tracks_list.js ADDED Viewed

@@ -0,0 +1,11 @@
+// DIFM电台 - 播放列表
+const createOption = require('../util/option.js')
+module.exports = (query, request) => {
+  const data = {
+    limit: query.limit || 5,
+    source: query.source || 0,
+    channelId: query.channelId,
+  }
+  return request(`/api/dj/difm/playing/tracks/list`, data, createOption(query))
+}

package/module/dj_difm_subscribe_channels_get.js ADDED Viewed

@@ -0,0 +1,13 @@
+// DIFM电台 - 收藏列表
+const createOption = require('../util/option.js')
+module.exports = (query, request) => {
+  const data = {
+    sources: query.sources || '[0]',
+  }
+  return request(
+    `/api/dj/difm/subscribe/channels/get/v2`,
+    data,
+    createOption(query),
+  )
+}

package/module/radio_sport_get.js ADDED Viewed

@@ -0,0 +1,9 @@
+// 跑步漫游
+const createOption = require('../util/option.js')
+module.exports = (query, request) => {
+  const data = {
+    bpm: query.bpm || 50,
+  }
+  return request(`/api/radio/sport/get`, data, createOption(query))
+}

package/module/register_anonimous.js CHANGED Viewed

@@ -2,6 +2,7 @@ const CryptoJS = require('crypto-js')
 const path = require('path')
 const fs = require('fs')
 const ID_XOR_KEY_1 = '3go8&$8*3*3h0k(2)2'
+const logger = require('../util/logger.js')
 const createOption = require('../util/option.js')
 const { generateDeviceId } = require('../util/index')
@@ -23,7 +24,7 @@ function cloudmusic_dll_encode_id(some_id) {
 module.exports = async (query, request) => {
   const deviceId = generateDeviceId()
-  console.log(`[register_anonimous] deviceId: ${deviceId}`)
+  logger.info(`Successfully registered anonimous token, deviceId: ${deviceId}`)
   global.deviceId = deviceId
   const encodedId = CryptoJS.enc.Base64.stringify(
     CryptoJS.enc.Utf8.parse(

package/module/sati_resource_list.js ADDED Viewed

@@ -0,0 +1,11 @@
+// 助眠解压 - 获取标签下资源列表
+const createOption = require('../util/option.js')
+module.exports = (query, request) => {
+  const data = {
+    tag: query.tag,
+    firstQuery: false,
+  }
+  return request(`/api/voice/sati/resource/list`, data, createOption(query))
+}

package/module/sati_resource_list_more.js ADDED Viewed

@@ -0,0 +1,13 @@
+// 助眠解压 - 查看同类推荐
+const createOption = require('../util/option.js')
+module.exports = (query, request) => {
+  const data = {
+    id: query.id,
+  }
+  return request(
+    `/api/voice/sati/resource/list/more/v1`,
+    data,
+    createOption(query),
+  )
+}

package/module/sati_resource_sub.js ADDED Viewed

@@ -0,0 +1,10 @@
+// 助眠解压 - 收藏
+const createOption = require('../util/option.js')
+module.exports = (query, request) => {
+  const data = {
+    id: query.id,
+    cancel: query.cancel || false,
+  }
+  return request(`/api/voice/sati/resource/sub`, data, createOption(query))
+}

package/module/sati_resource_sub_list.js ADDED Viewed

@@ -0,0 +1,7 @@
+// 助眠解压 - 收藏列表
+const createOption = require('../util/option.js')
+module.exports = (query, request) => {
+  const data = {}
+  return request(`/api/voice/sati/resource/sub/list`, data, createOption(query))
+}

package/module/sati_tag_list.js ADDED Viewed

@@ -0,0 +1,7 @@
+// 助眠解压 - 标签列表
+const createOption = require('../util/option.js')
+module.exports = (query, request) => {
+  const data = {}
+  return request(`/api/voice/sati/tag/list`, data, createOption(query))
+}

package/module/sati_timescene_resources_get.js ADDED Viewed

@@ -0,0 +1,13 @@
+// 助眠解压 - 特定时间场景下的推荐资源
+const createOption = require('../util/option.js')
+module.exports = (query, request) => {
+  const data = {
+    firstQuery: false,
+  }
+  return request(
+    `/api/voice/sati/timescene/resources/get`,
+    data,
+    createOption(query),
+  )
+}

package/module/song_creators.js ADDED Viewed

@@ -0,0 +1,9 @@
+// 歌曲创作者信息
+const createOption = require('../util/option.js')
+module.exports = (query, request) => {
+  const data = {
+    songId: query.id,
+  }
+  return request(`/api/song/creators`, data, createOption(query))
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@neteasecloudmusicapienhanced/api",
-  "version": "4.30.3",
+  "version": "4.32.0",
   "description": "全网最全的网易云音乐API接口 || A revival project for NeteaseCloudMusicApi Node.js Services (Half Refactor & Enhanced) || 网易云音乐 API 备份 + 增强 || 本项目自原版v4.28.0版本后开始自行维护",
   "scripts": {
     "dev": "nodemon app.js",
@@ -65,14 +65,15 @@
     "data"
   ],
   "dependencies": {
-    "@neteasecloudmusicapienhanced/unblockmusic-utils": "^0.2.3",
-    "axios": "^1.13.5",
+    "@neteasecloudmusicapienhanced/unblockmusic-utils": "^0.2.4",
+    "axios": "^1.13.6",
     "crypto-js": "^4.2.0",
     "dotenv": "^17.3.1",
     "express": "^5.2.1",
     "express-fileupload": "^1.5.2",
-    "music-metadata": "^11.12.1",
-    "node-forge": "^1.3.3",
+    "gzip": "^0.1.0",
+    "music-metadata": "^11.12.3",
+    "node-forge": "^1.4.0",
     "pac-proxy-agent": "^7.2.0",
     "qrcode": "^1.5.4",
     "safe-decode-uri-component": "^1.2.1",
@@ -81,22 +82,22 @@
     "yargs": "^18.0.0"
   },
   "devDependencies": {
-    "@eslint/eslintrc": "^3.3.3",
-    "@eslint/js": "^9.39.3",
+    "@eslint/eslintrc": "^3.3.5",
+    "@eslint/js": "^9.39.4",
     "@types/express": "^5.0.6",
     "@types/express-fileupload": "^1.5.1",
     "@types/mocha": "^10.0.10",
-    "@types/node": "25.0.9",
-    "@typescript-eslint/eslint-plugin": "^8.56.0",
-    "@typescript-eslint/parser": "^8.56.0",
-    "eslint": "^9.39.3",
+    "@types/node": "25.5.0",
+    "@typescript-eslint/eslint-plugin": "^8.57.2",
+    "@typescript-eslint/parser": "^8.57.2",
+    "eslint": "^9.39.4",
     "eslint-config-prettier": "^10.1.8",
     "eslint-plugin-html": "^8.1.4",
     "eslint-plugin-prettier": "^5.5.5",
-    "globals": "^16.5.0",
+    "globals": "^17.4.0",
     "husky": "^9.1.7",
     "intelli-espower-loader": "^1.1.0",
-    "lint-staged": "^16.2.7",
+    "lint-staged": "^16.4.0",
     "mocha": "^11.7.5",
     "nodemon": "^3.1.14",
     "pkg": "^5.8.1",

package/public/api.html CHANGED Viewed

@@ -188,6 +188,35 @@
                 document.getElementById('result').value = 'Request failed: ' + error.message;
             }
         }
+        (function fillFromQuery() {
+            const params = new URLSearchParams(window.location.search);
+            if (!params.toString()) return;
+            const uri = params.get('uri');
+            const crypto = params.get('crypto');
+            const dataParam = params.get('data');
+            if (uri) {
+              document.getElementById('uri').value = uri;
+            }
+            if (crypto) {
+              const cryptoSelect = document.getElementById('crypto');
+              if ([...cryptoSelect.options].some((opt) => opt.value === crypto)) {
+                cryptoSelect.value = crypto;
+              }
+            }
+            if (dataParam) {
+              const decoded = dataParam;
+              try {
+                document.getElementById('data').value = JSON.stringify(
+                  JSON.parse(decoded),
+                  null,
+                  2,
+                );
+              } catch (error) {
+                document.getElementById('data').value = decoded;
+              }
+            }
+          })();
     </script>
 </body>
 </html>

package/public/docs/home.md CHANGED Viewed

@@ -209,6 +209,12 @@ $ sudo docker build . -t netease-music-api
 $ sudo docker run -d -p 3000:3000 netease-music-api
 ```
+## 调试工具
+- `eapi` 请求参数或返回内容可在 `/eapi_decrypt.html` 里解析
+- 请求参数模式下, 解密结果可直接带到 `/api.html` 继续调试
+- 需要返回值加密时, 可传 `e_r=1`, `weapi` 和 `eapi` 都支持
 ## 接口文档
 ### 调用前须知
@@ -5031,6 +5037,21 @@ let data = encodeURIComponent(
 **调用例子:** `/vip/sign/info`
+### 广播电台 - 收藏/取消收藏电台
+说明: 登录后调用此接口, 传入电台 id, 可收藏或取消收藏广播电台
+**必选参数：**
+`id`: 电台 id
+`t`: 操作类型, `1` 为收藏, 其余值为取消收藏
+**接口地址:** `/broadcast/sub`
+**调用例子:** `/broadcast/sub?id=5&t=1`
 ### 用户的创建歌单列表
 说明 : 调用此接口, 传入用户id, 获取用户的创建歌单列表
@@ -5143,6 +5164,158 @@ let data = encodeURIComponent(
 **调用例子 :** `/comment/reply?id=2058263032&commentId=123456789&content=我也觉得这首歌很棒！`
+### DIFM电台 - 分类
+说明: 调用此接口, 获取DIFM电台分类
+**必选参数 :**
+`sources`: 来源列表, 0: 最嗨电音 1: 古典电台 2: 爵士电台
+**接口地址:** `/dj/difm/all/style/channel`
+**调用例子:** `/dj/difm/all/style/channel?sources=[0]`
+### DIFM电台 - 收藏列表
+说明: 调用此接口, 获取DIFM电台收藏列表
+**必选参数 :**
+`sources`: 来源列表, 0: 最嗨电音 1: 古典电台 2: 爵士电台
+**接口地址:** `/dj/difm/subscribe/channels/get`
+**调用例子:** `/dj/difm/subscribe/channels/get?sources=[0]`
+### DIFM电台 - 收藏频道
+说明: 调用此接口, 可收藏DIFM频道
+**必选参数 :**
+`id`: 频道id
+**接口地址:** `/dj/difm/channel/subscribe`
+**调用例子:** `/dj/difm/channel/subscribe?id=1`
+### DIFM电台 - 取消收藏频道
+说明: 调用此接口, 可取消收藏DIFM频道
+**必选参数 :**
+`id`: 频道id
+**接口地址:** `/dj/difm/channel/unsubscribe`
+**调用例子:** `/dj/difm/channel/unsubscribe?id=1`
+### DIFM电台 - 播放列表
+说明: 调用此接口, 获取DIFM播放列表
+**必选参数 :**
+`source`: 来源, 0: 最嗨电音 1: 古典电台 2: 爵士电台
+`channelId`: 频道id
+**可选参数 :**
+`limit`: 返回数量, 默认为 5
+**接口地址:** `/dj/difm/playing/tracks/list`
+**调用例子:** `/dj/difm/playing/tracks/list?source=0&channelId=1012`
+### 助眠解压 - 特定时间场景下的推荐资源
+说明: 调用此接口, 获取特定时间场景下的推荐资源
+**接口地址:** `/sati/timescene/resources/get`
+**调用例子:** `/sati/timescene/resources/get`
+### 助眠解压 - 标签列表
+说明: 调用此接口, 获取标签列表
+**接口地址:** `/sati/tag/list`
+**调用例子:** `/sati/tag/list`
+### 助眠解压 - 获取标签下资源列表
+说明: 调用此接口, 获取标签下资源列表; 接口返回的`trackId`可以用于请求`/song/url/v1`接口，用于获取声音的下载地址
+**必选参数 :**
+`tag`: 标签, 由标签列表接口得到
+**接口地址:** `/sati/resource/list`
+**调用例子:** `/sati/resource/list?tag=naturalMusic`
+### 助眠解压 - 查看同类推荐
+说明: 调用此接口, 查看同类推荐
+**必选参数 :**
+`id`: id, `/sati/tag/list`接口返回的`trackId`
+**接口地址:** `/sati/resource/list/more`
+**调用例子:** `/sati/resource/list/more?id=167003`
+### 助眠解压 - 收藏列表
+说明: 调用此接口, 获取收藏列表
+**接口地址:** `/sati/resource/sub/list`
+**调用例子:** `/sati/resource/sub/list`
+### 助眠解压 - 收藏
+说明: 调用此接口, 收藏声音
+**必选参数 :**
+`id`: id, `/sati/tag/list`接口返回的`trackId`
+**可选参数 :**
+`cancel`: 是否取消收藏, 默认不取消
+**接口地址:** `/sati/resource/sub`
+**调用例子:** `/sati/resource/sub?id=167003`
+### 跑步漫游
+说明: 调用此接口，获取跑步漫游的歌曲信息
+**必选参数：**
+`bpm`: 步频
+**接口地址:** `/radio/sport/get`
+**调用例子:** `/radio/sport/get?bpm=50`
+### 歌曲创作者信息
+说明 : 调用此接口, 传入音乐 id 可获得对应音乐的创作者信息
+**必选参数 :** `id`: 音乐 id
+**接口地址 :** `/song/creators`
+**调用例子 :** `/song/creators?id=33894312`
 ## 离线访问此文档
 此文档同时也是 Progressive Web Apps(PWA), 加入了 serviceWorker, 可离线访问

package/public/eapi_decrypt.html CHANGED Viewed

@@ -96,6 +96,10 @@
       transition: background 0.2s ease;
     }
+    button + button {
+      margin-left: 12px;
+    }
     button:hover {
       background: #555;
     }
@@ -166,6 +170,7 @@
     </div>
     <button @click="decrypt">解密</button>
+    <button @click="sendToApi" :disabled="!canSend" :class="[{ 'opacity-50 cursor-not-allowed pointer-events-none': !canSend },]">填入 API 调试</button>
     <div class="result-section">
       <label>解密结果：</label>
@@ -194,12 +199,29 @@
       mounted() {
         this.decrypt()
       },
+      computed: {
+        isRequestMode() {
+          return this.isReq === true || this.isReq === 'true'
+        },
+        canSend() {
+          if (!this.isRequestMode) return false
+          if (!this.result || this.result === '{}' || this.result === 'null') return false
+          try {
+            JSON.parse(this.result)
+            return true
+          } catch (error) {
+            return false
+          }
+        },
+      },
       methods: {
-        formatResult(result) {
+        formatResult(value) {
+          if (value == null || value === '') return ''
           try {
-            return JSON.stringify(JSON.parse(result), null, 2)
-          } catch (e) {
-            return result
+            const parsed = typeof value === 'string' ? JSON.parse(value) : value
+            return JSON.stringify(parsed, null, 2)
+          } catch (error) {
+            return String(value)
           }
         },
         async decrypt() {
@@ -215,9 +237,25 @@
             console.log(res.data);
           } catch (error) {
             console.error(error)
-            alert(error?.response?.data?.message || '解密失败，数据格式错误')
+            alert(error?.response?.data?.message || '解密失败,数据格式错误')
           }
-        }
+        },
+        sendToApi() {
+          if (!this.canSend) return
+          const payload = JSON.parse(this.result)
+          const params = new URLSearchParams()
+          params.set('uri', payload.uri || payload.url || payload.path || '')
+          params.set('crypto', 'eapi')
+          const data =
+            payload.params ||
+            payload.data ||
+            payload.body ||
+            payload.payload ||
+            payload.request ||
+            {}
+          params.set('data', JSON.stringify(data))
+          window.open(`/api.html?${params.toString()}`, '_blank')
+        },
       }
     })
     app.mount('#app')

package/server.js CHANGED Viewed

@@ -127,15 +127,68 @@ async function checkVersion() {
   })
 }
+function parseCorsAllowOrigins(corsAllowOrigin) {
+  if (!corsAllowOrigin) {
+    return null
+  }
+  const origins = corsAllowOrigin
+    .split(',')
+    .map((origin) => origin.trim())
+    .filter(Boolean)
+  return origins.length > 0 ? origins : null
+}
+function getCorsAllowOrigin(allowOrigins, requestOrigin) {
+  if (!allowOrigins) {
+    return requestOrigin || '*'
+  }
+  if (allowOrigins.includes('*')) {
+    return '*'
+  }
+  if (requestOrigin && allowOrigins.includes(requestOrigin)) {
+    return requestOrigin
+  }
+  return null
+}
+function createConsoleSpinner(message = '启动中') {
+  if (!process.stdout.isTTY) {
+    return {
+      stop() {},
+    }
+  }
+  const frames = ['⠋', '⠙', '⠹', '⠸', '⠼', '⠴', '⠦', '⠧', '⠇', '⠏']
+  let index = 0
+  process.stdout.write(`${frames[index]} ${message}...`)
+  const timer = setInterval(() => {
+    index = (index + 1) % frames.length
+    process.stdout.write(`\r${frames[index]} ${message}...`)
+  }, 80)
+  return {
+    stop() {
+      clearInterval(timer)
+      process.stdout.write(`\r✔ ${message} 完成。\n`)
+    },
+  }
+}
 /**
  * Construct the server of NCM API.
  *
  * @param {ModuleDefinition[]} [moduleDefs] Customized module definitions [advanced]
  * @returns {Promise<import("express").Express>} The server instance.
  */
-async function consturctServer(moduleDefs) {
+async function constructServer(moduleDefs) {
   const app = express()
   const { CORS_ALLOW_ORIGIN } = process.env
+  const allowOrigins = parseCorsAllowOrigins(CORS_ALLOW_ORIGIN)
   app.set('trust proxy', true)
   /**
@@ -147,10 +200,17 @@ async function consturctServer(moduleDefs) {
    */
   app.use((req, res, next) => {
     if (req.path !== '/' && !req.path.includes('.')) {
+      const corsAllowOrigin = getCorsAllowOrigin(
+        allowOrigins,
+        req.headers.origin,
+      )
+      const shouldSetVaryHeader = corsAllowOrigin && corsAllowOrigin !== '*'
       res.set({
         'Access-Control-Allow-Credentials': true,
-        'Access-Control-Allow-Origin':
-          CORS_ALLOW_ORIGIN || req.headers.origin || '*',
+        ...(corsAllowOrigin
+          ? { 'Access-Control-Allow-Origin': corsAllowOrigin }
+          : {}),
+        ...(shouldSetVaryHeader ? { Vary: 'Origin' } : {}),
         'Access-Control-Allow-Headers': 'X-Requested-With,Content-Type',
         'Access-Control-Allow-Methods': 'PUT,POST,GET,DELETE,OPTIONS',
         'Content-Type': 'application/json; charset=utf-8',
@@ -350,6 +410,8 @@ async function serveNcmApi(options) {
   const port = Number(options.port || process.env.PORT || '3000')
   const host = options.host || process.env.HOST || ''
+  const spinner = createConsoleSpinner('服务启动中')
   const checkVersionSubmission =
     options.checkVersion &&
     checkVersion().then(({ npmVersion, ourVersion, status }) => {
@@ -359,28 +421,22 @@ async function serveNcmApi(options) {
         )
       }
     })
-  const constructServerSubmission = consturctServer(options.moduleDefs)
+  const constructServerSubmission = constructServer(options.moduleDefs)
   const [_, app] = await Promise.all([
     checkVersionSubmission,
     constructServerSubmission,
   ])
+  spinner.stop()
   /** @type {import('express').Express & ExpressExtension} */
   const appExt = app
   appExt.server = app.listen(port, host, () => {
     console.log(`
-   _   _  _____ __  __
-  | \\ | |/ ____|  \\/  |
-  |  \\| | |    | \\  / |
-  | . \` | |    | |\\/| |
-  | |\\  | |____| |  | |
-  |_| \\_|\\_____|_|  |_|
-    `)
-    console.log(`
-    ╔═╗╔═╗╦    ╔═╗╔╗╔╦ ╦╔═╗╔╗╔╔═╗╔═╗╔╦╗
-    ╠═╣╠═╝║    ║╣ ║║║╠═╣╠═╣║║║║  ║╣  ║║
-    ╩ ╩╩  ╩    ╚═╝╝╚╝╩ ╩╩ ╩╝╚╝╚═╝╚═╝═╩╝
+  ╔═╗╔═╗╦    ╔═╗╔╗╔╦ ╦╔═╗╔╗╔╔═╗╔═╗╔╦╗
+  ╠═╣╠═╝║    ║╣ ║║║╠═╣╠═╣║║║║  ║╣  ║║
+  ╩ ╩╩  ╩    ╚═╝╝╚╝╩ ╩╩ ╩╝╚╝╚═╝╚═╝═╩╝
     `)
     logger.info(`
 - Server started successfully @ http://${host ? host : 'localhost'}:${port}

package/util/crypto.js CHANGED Viewed

@@ -1,5 +1,6 @@
 const CryptoJS = require('crypto-js')
 const forge = require('node-forge')
+const zlib = require('zlib')
 const iv = '0102030405060708'
 const presetKey = '0CoJUm6Qyw8W8jud'
 const linuxapiKey = 'rFgB&h#%2?^eDg:Q'
@@ -44,7 +45,7 @@ const aesDecrypt = (ciphertext, key, iv, format = 'base64') => {
       },
     )
   }
-  return bytes.toString(CryptoJS.enc.Utf8)
+  return bytes
 }
 const rsaEncrypt = (str, key) => {
   const forgePublicKey = forge.pki.publicKeyFromPem(key)
@@ -85,20 +86,37 @@ const eapi = (url, object) => {
     params: aesEncrypt(data, 'ecb', eapiKey, '', 'hex'),
   }
 }
-const eapiResDecrypt = (encryptedParams) => {
+const eapiResDecrypt = (encryptedParams, aeapi = false) => {
   // 使用aesDecrypt解密参数
   try {
-    const decryptedData = aesDecrypt(encryptedParams, eapiKey, '', 'hex')
-    return JSON.parse(decryptedData)
+    const decrypted = aesDecrypt(encryptedParams, eapiKey, '', 'hex') // WordArray
+    if (aeapi) {
+      // 带压缩的解密：先转 Base64 再解压
+      const decryptedBuffer = Buffer.from(
+        decrypted.toString(CryptoJS.enc.Base64),
+        'base64',
+      )
+      const decompressed = zlib.gunzipSync(decryptedBuffer)
+      return JSON.parse(decompressed.toString())
+    } else {
+      // 普通解密：直接转 UTF-8 字符串
+      return JSON.parse(decrypted.toString(CryptoJS.enc.Utf8))
+    }
   } catch (error) {
-    console.log('eapiResDecrypt error:', error)
+    console.log(`eapiResDecrypt error:`, error)
     return null
   }
 }
 const eapiReqDecrypt = (encryptedParams) => {
-  // 使用aesDecrypt解密参数
-  const decryptedData = aesDecrypt(encryptedParams, eapiKey, '', 'hex')
-  // 使用正则表达式解析出URL和数据
+  // 使用 aesDecrypt 解密参数
+  const decryptedData = aesDecrypt(
+    encryptedParams,
+    eapiKey,
+    '',
+    'hex',
+  ).toString(CryptoJS.enc.Utf8)
+  // 使用正则表达式解析出 URL 和数据
   const match = decryptedData.match(/(.*?)-36cd479b6b5-(.*?)-36cd479b6b5-(.*)/)
   if (match) {
     const url = match[1]
@@ -106,7 +124,7 @@ const eapiReqDecrypt = (encryptedParams) => {
     return { url, data }
   }
-  // 如果没有匹配到，返回null
+  // 如果没有匹配到，返回 null
   return null
 }
 const decrypt = (cipher) => {

package/util/request.js CHANGED Viewed

@@ -3,7 +3,6 @@ const encrypt = require('./crypto')
 const CryptoJS = require('crypto-js')
 const { default: axios } = require('axios')
 const { PacProxyAgent } = require('pac-proxy-agent')
-const logger = require('./logger')
 const http = require('http')
 const https = require('https')
 const tunnel = require('tunnel')
@@ -160,10 +159,8 @@ const createRequest = (uri, data, options) => {
   return new Promise((resolve, reject) => {
     // 变量声明和初始化
     const headers = options.headers ? { ...options.headers } : {}
-    const ip =
-      options.realIP ||
-      options.ip ||
-      (options.randomCNIP ? generateRandomChineseIP() : '')
+    const ip = options.realIP || options.ip || ''
     // IP头设置
     if (ip) {
       headers['X-Real-IP'] = ip
@@ -191,6 +188,13 @@ const createRequest = (uri, data, options) => {
     const answer = { status: 500, body: {}, cookie: [] }
+    data.e_r = toBoolean(
+      options.e_r !== undefined
+        ? options.e_r
+        : data.e_r !== undefined
+          ? data.e_r
+          : ENCRYPT_RESPONSE,
+    )
     // 根据加密方式处理
     switch (crypto) {
       case 'weapi':
@@ -240,14 +244,9 @@ const createRequest = (uri, data, options) => {
         headers['User-Agent'] = options.ua || chooseUserAgent('api', 'iphone')
         if (crypto === 'eapi') {
+          // headers['x-aeapi'] = true // 服务器会使用gzip压缩返回值
           data.header = header
-          data.e_r = toBoolean(
-            options.e_r !== undefined
-              ? options.e_r
-              : data.e_r !== undefined
-                ? data.e_r
-                : ENCRYPT_RESPONSE,
-          )
           encryptData = encrypt.eapi(uri, data)
           url = (options.domain || API_DOMAIN) + '/eapi/' + uri.substr(5)
         } else if (crypto === 'api') {
@@ -257,10 +256,10 @@ const createRequest = (uri, data, options) => {
         break
       default:
-        logger.error('Unknown Crypto:', crypto)
+        console.log('[ERR]', 'Unknown Crypto:', crypto)
         break
     }
-    // logger.info(url);
+    // console.log(url);
     // settings创建
     let settings = {
       method: 'POST',
@@ -271,8 +270,9 @@ const createRequest = (uri, data, options) => {
       httpsAgent: createHttpsAgent(),
     }
-    // e_r处理
-    if (data.e_r) {
+    // 使用返回值加密
+    const use_e_r = (crypto === 'eapi' || crypto === 'weapi') && data.e_r
+    if (use_e_r) {
       settings.encoding = null
       settings.responseType = 'arraybuffer'
     }
@@ -302,16 +302,16 @@ const createRequest = (uri, data, options) => {
             settings.httpAgent = agent
             settings.proxy = false
           } else {
-            logger.error('代理配置无效,不使用代理')
+            console.error('代理配置无效,不使用代理')
           }
         } catch (e) {
-          logger.error('代理URL解析失败:', e.message)
+          console.error('代理URL解析失败:', e.message)
         }
       }
     } else {
       settings.proxy = false
     }
-    // logger.info(settings.headers);
+    // console.log(settings.headers);
     axios(settings)
       .then((res) => {
         const body = res.data
@@ -320,9 +320,10 @@ const createRequest = (uri, data, options) => {
         )
         try {
-          if (crypto === 'eapi' && data.e_r) {
+          if (use_e_r) {
             answer.body = encrypt.eapiResDecrypt(
               body.toString('hex').toUpperCase(),
+              headers['x-aeapi'],
             )
           } else {
             answer.body =
@@ -350,14 +351,14 @@ const createRequest = (uri, data, options) => {
         if (answer.status === 200) {
           resolve(answer)
         } else {
-          logger.error(answer)
+          console.log('[ERR]', answer)
           reject(answer)
         }
       })
       .catch((err) => {
         answer.status = 502
         answer.body = { code: 502, msg: err.message || err }
-        logger.error(answer)
+        console.log('[ERR]', answer)
         reject(answer)
       })
   })